Relocated /var – now selinux is unhappy

ethrbunny asked:

I needed more space in the /var tree on a VM so I allocated some, booted in to runlevel 1 and copied over the folder to the new space. After changing the fstab entry for /var to reflect the new location I rebooted.

(you can see what’s coming)

The boot process was pretty well mangled. I had to disable selinux to get anything working properly.

Given the nature of this system I would like to reenable selinux but I’m not clear how to get it all setup properly. Looking at the perms using ls -Z it all appears the same (as the original /var folder) but clearly something is amiss.

What step(s) did I miss?

EDIT: This is the (relevant) output of ls -alZ /:

drwxr-xr-x  root  root     ?                                var
drwxr-xr-x. root  root     system_u:object_r:var_t:s0       var.old

Looks like a promising avenue – though I note that /sys, /dev and /proc all have ‘?’ there.

My answer:


Should be a pretty simple fix:

  1. Set SELinux to permissive. Edit /etc/sysconfig/selinux and set SELINUX=permissive. This should let you boot normally while still being able to use SELinux utilities.

  2. Reboot the system.

  3. Restore all the file contexts for the entire system.

    restorecon -r -v /
    
  4. Set SELinux to enforcing. Edit /etc/sysconfig/selinux and set SELINUX=enforcing.

  5. Reboot the system.


View the full question and answer on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.